<?
    // assume a connection to sql
    class MySQLAuthentication {
        private $_authlevel = AuthConstants::GUESTS;
        private $_userid = null;
        private $_error = '';
        
        function __construct() {}
        function Authenticate($username,$password) {
            $result = DatabaseManager::FetchRow("SELECT * FROM guests WHERE email LIKE '$username' AND password=MD5('$password') AND (expires=0 OR expires > " . time() . ") AND approved = 1;");

            if ($result != NULL) {
                $this->_authlevel = $result['override_auth'];
                $this->_userid = $result['id'];
                return true;
            }
            else {
                // see if the account is just expired
                // if it is - set the error
                $result = DatabaseManager::CountRows("SELECT * FROM guests WHERE email LIKE '$username' AND password=MD5('$password');");
                if ($result > 0) $this->_error = AuthManager::ACCOUNT_EXPIRED;
                else $this->_error = AuthManager::BAD_USERNAME_PASSWORD;
            }
            return false;
        }
        function GetUserID() { return $this->_userid; }
        function GetError() {
            return $this->_error;
        }
        function GetAuthLevel() {
            return $this->_authlevel;
        }
    }
?>  
